Date: Tue, 5 Jan 2021 13:09:13 +0000
From: Wei Liu
To: Michael Kelley
Cc: "Andrea Parri (Microsoft)", "linux-kernel@vger.kernel.org", KY Srinivasan, Haiyang Zhang, Stephen Hemminger, Wei Liu, "linux-hyperv@vger.kernel.org", Andres Beltran, Saruhan Karademir, Juan Vazquez
Subject: Re: [PATCH v4] hv_utils: Add validation for untrusted Hyper-V values
Message-ID: <20210105130912.5o6vtuotf4c6vwcg@liuwe-devbox-debian-v2>
References: <20201109100704.9152-1-parri.andrea@gmail.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, Dec 13, 2020 at 10:07:06PM +0000, Michael Kelley wrote:
> From: Andrea Parri (Microsoft) Sent: Monday, November 9, 2020 2:07 AM
> >
> > For additional robustness in the face of Hyper-V errors or malicious
> > behavior, validate all values that originate from packets that Hyper-V
> > has sent to the guest in the host-to-guest ring buffer. Ensure that
> > invalid values cannot cause indexing off the end of the icversion_data
> > array in vmbus_prep_negotiate_resp().
> >
> > Signed-off-by: Andres Beltran
> > Co-developed-by: Andrea Parri (Microsoft)
> > Signed-off-by: Andrea Parri (Microsoft)
> > ---
> > Changes in v3:
> > 	- Add size check for icframe_vercnt and icmsg_vercnt
> >
> > Changes in v2:
> > 	- Use ratelimited form of kernel logging to print error messages
> >
> >  drivers/hv/channel_mgmt.c |  24 ++++-
> >  drivers/hv/hv_fcopy.c     |  36 +++++--
> >  drivers/hv/hv_kvp.c       | 122 ++++++++++++---------
> >  drivers/hv/hv_snapshot.c  |  89 ++++++++-------
> >  drivers/hv/hv_util.c      | 222 +++++++++++++++++++++++---------------
> >  include/linux/hyperv.h    |   9 +-
> >  6 files changed, 314 insertions(+), 188 deletions(-)
> >
>
> Reviewed-by: Michael Kelley

Applied to hyperv-next.
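
The check the quoted commit message describes (host-supplied icframe_vercnt and icmsg_vercnt must not index past the version array), as an added user-space example that is not the kernel patch or code from this thread. The struct layout, MAX_VER_COUNT, nego_check() and demo() are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Simplified stand-ins for the negotiate message (assumed layout). */
struct ic_version { uint16_t major, minor; };
struct nego_hdr {
    uint16_t icframe_vercnt, icmsg_vercnt;  /* host-supplied entry counts */
    uint32_t reserved;
};
#define MAX_VER_COUNT 100     /* assumed sanity cap on the two counts */

/* Returns 1 if the packet offers framework version fw and message version
 * msg, 0 if it does not, -1 if the host-supplied counts are not credible. */
int nego_check(const uint8_t *buf, size_t len,
               struct ic_version fw, struct ic_version msg)
{
    struct nego_hdr h;
    struct ic_version v;
    size_t i, total;
    int fw_ok = 0, msg_ok = 0;
    if (len < sizeof(h))
        return -1;                      /* truncated header */
    memcpy(&h, buf, sizeof(h));         /* work on a private copy */
    total = (size_t)h.icframe_vercnt + h.icmsg_vercnt;
    if (total > MAX_VER_COUNT || (len - sizeof(h)) / sizeof(v) < total)
        return -1;                      /* counts exceed cap or received bytes */
    for (i = 0; i < total; i++) {       /* every index is now inside buf */
        memcpy(&v, buf + sizeof(h) + i * sizeof(v), sizeof(v));
        if (i < (size_t)h.icframe_vercnt)
            fw_ok |= (v.major == fw.major && v.minor == fw.minor);
        else
            msg_ok |= (v.major == msg.major && v.minor == msg.minor);
    }
    return fw_ok && msg_ok;
}

/* Constructed sample: header claims fw_cnt + msg_cnt entries, `sent` (<= 8) follow. */
int demo(uint16_t fw_cnt, uint16_t msg_cnt, size_t sent)
{
    uint8_t buf[sizeof(struct nego_hdr) + 8 * sizeof(struct ic_version)] = {0};
    struct nego_hdr h = { fw_cnt, msg_cnt, 0 };
    struct ic_version v = { 3, 0 };     /* every constructed entry is 3.0 */
    size_t i;
    if (sent > 8) sent = 8;
    memcpy(buf, &h, sizeof(h));
    for (i = 0; i < sent; i++)
        memcpy(buf + sizeof(h) + i * sizeof(v), &v, sizeof(v));
    return nego_check(buf, sizeof(h) + sent * sizeof(v), v, v);
}
```

The length test divides the received payload by the entry size rather than multiplying the claimed count, so the comparison cannot wrap even if the cap is later raised.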